Currently my organization runs Symantec Endpoint Protection on all of our systems. Needless to say, it is a memory hog. We are thinking about moving towards Microsoft Security Essentials (MSE). Are we making a bad move here? Symantec seems to offer a high level of protection, but I am not sure it is worth the loss in PC performance. Any recommendations?

People say this about SEP, but I personally deployed it here and have never run into that. I'm not sure what people are doing that is causing it to consume excessive amounts of memory, but it's not happening here.

We used to use SEP but also found that it just killed our older machines. On newer machines it isn't as much of an issue, but I ended up just uninstalling it. Symantec would routinely do a "background scan" and hog up 90% of the CPU/RAM on older XP machines, and significantly slow down the newer machines. The older ones were literally unusable; you had to wait 5-10 minutes for an internet browser to open while this was going on. The worst part is, it doesn't tell you that it is doing this, or give any indication of it; it just does it, seemingly randomly. If you go into your running processes in Task Manager though, you'll likely see "RTVSCAN.exe" running, assuming that is "Real-Time Virus Scan" from Symantec.

We're behind a nice firewall, plus a Cymphonix box that is set to filter out virus/spyware, and our staff knows better than to be going to any non-work-related sites. Our public PCs use Windows SteadyState, so no big issue there - reboot and it's fine again.

I also agree that McAfee is terrible, just as bad of a resource hog or worse; stay away, in my opinion. There are plenty of free AV and low-cost AV, like VIPRE, which someone mentioned and seems to be a good bang-for-buck deal.

We may be in a different situation. We have a vendor that manages our network and antivirus. Symantec show(ed) you a lot of detail about what it did and what it found. Kaspersky seems to just tell you that it found "something" and that it fixed it. I may not have looked in the right place, but with Kaspersky, you really don't get good information as to what it is finding, or the history of what has gone on on a machine. Symantec gave extremely specific information, like the file name, the location, what the suspected issue was, etc. Kaspersky supposedly sends an alert off to the vendor, but there is nothing on the machine side to tell you what is going on.

That's all well and good, but if the AV makes our computers inoperable due to using 90% of CPU/RAM with sneaky background scans, then it is just as bad as the malware itself. Granted, I will admit we are using version 10.x; maybe 12+ is vastly improved, as some here say.

That is your issue. 10.x and 11.x were horrible resource hogs. Symantec made vast improvements on their version 12 product to make it much more lightweight and less resource intensive. At the moment, my SEP 12 client on my computer is using less than 20 MB and zero processor...

We almost ditched SEP until their version 12 came out. It was so much better and works great that we renewed our agreement with them.

Agreeing with Derek_A. We use SEP 12.1 but in an unmanaged environment. Nary a flicker as far as CPU usage. It runs very well on everything we have on the floor. I've had zero issues with it catching bad guys and KO-ing them. However, keep reading...

What you DO have to do however is watch carefully the Active Scans the thing sets up. If you have a workstation with say 3 users, it sets up an Active Scan by default on EACH user account. The scan defaults to trigger at 12:30 pm, right in the middle of the business day! Food for thought for our OP: Is it possible this Active Scan is firing off causing you to perhaps think SEP is "hogging"? I found too that all 3 user accounts would trigger at 12:30 pm EVEN IF the users weren't logged on!!! Wha?? I've got three Active Scans running concurrently?? I kicked this around with Symantec for about 3 weeks begging them to please redesign this "feature" to default it off. No luck. I'm not big enough, I guess.

My workaround (remember, I'm unmanaged here...) was to go into each account and turn the blasted Active Scan off. I do this now on all new installs and update installs as well.

Depending on how many users you have, MSE is only available, to the best of my knowledge, to 10 users. I also believe the product does not work on any MS Server platforms... nor are there plans. It protects XP-7. It is lean, but the scanning is slow, and I have personally seen a number of malware infections get through a fully patched XP system (last night I removed 9 infections with Malwarebytes that disabled MSE). I don't feel this product does adequate protection. I throw out a word of caution to those that use it. As for SEP, it is a pretty good size program, but you can tailor it down depending on how you use it. I deployed and manage a network that has 75 users. We have different policies for SEP. One is for laptops, one is for LAN workstations, as well as a server policy. The workstations have the firewall option out! It runs better and is smaller; however, it still adds to boot-up and there is some minor overhead, but Symantec does catch more. Last week I removed a number of malware from another client's PC in a network managed by Vipre. Vipre did not catch this infection, and it hid all files and folders, disabled right-clicking, as well as Task Manager. I like the ease of Vipre, but the protection has a number of holes. We are using the latest version of Vipre and it is on 50 PCs/servers at this location. It is lean and fast; scan is however slow and detection is weak. Deploying Vipre is an absolute dream, easiest suite I have deployed by a mile!!! But it lacks granularity and control like SEP. I have also deployed ESET; ESET has had its issues with malware and so on getting through. It seems all these suites protect well against viruses but lack in protection of malware, trojans, spyware, and any non-virus defined issues. I am yet to find a full-featured virus suite that I am 100% confident in. I currently manage 25 networks, all with different solutions. None have proven to be complete. I am still searching, but for safety I like SEP at the moment.
For speed (minus scanning) I like ESET and Vipre. Vipre seems to be a big favorite around here. I do like it but seem to question its detection.
